Microsoft patched more than 100 security holes in April update

Number of revisions security error This month is much higher than last month. In Patch Tuesday in March, Microsoft patched 71 vulnerabilities. April is the month that Microsoft releases the most patches in a month since September 2020.

The security feature fixes the severity range from “Severe” to “Important” and addresses various impacts such as Remote Code Execution, Elevation of Privileges, Ignore Security Features, From Denial of Service, Forgery and Disclosure.

Products patched this month are operating systems: Windows, Microsoft Office, Dynamics, Edge, Hyper-V, File Server, Skype for Business, Windows SMB.

The two zero-day vulnerabilities on the list are CVE-2022-26904 and CVE-2022-24521. Microsoft says the CVE-2022-26904 vulnerability has not been used in any attacks, and Microsoft is aware that previous instances of this type of vulnerability have been exploited.

Meanwhile, the vulnerability CVE-2022-24521 was found in the Windows Common Log File System Driver. Microsoft has discovered the exploit CVE-2022-24521. This bug is leveraged after authentication after the attacker has successfully accessed the vulnerable system, to gain higher permissions.

Right now, you can update your Windows PC by:

Windows 10:

Go to Start > Settings > Update & Security > Windows Update. Then select Check for updates. If an update is available, select Download and install now.

Windows 11:

Go to Start > Settings > Windows Update > Check for updates. If an update is available, select Download and install now.

* Invite readers to watch programs broadcast by Vietnam Television on TV Online and VTVGo!